Call centers in healthcare and insurance industries are often utilized in stressful or unpleasant times concerning complicated issues. However, these providers have limited security measures to determine whether the person they are talking to is the actual policyholder or patient, thus making these industries susceptible to phone fraud. Insurance agencies experienced a massive increase in fraudulent calls, as in 2016, one in every 4,700 calls was fraudulent compared to 1 in 12,000 in 2015.
Do you know who’s really calling?
Traditional authentication methods of corroborating phone numbers with caller ID, using knowledge-based authentication (KBA) questions or voice biometrics can be easily spoofed or bypassed by fraudsters, granting them access to sensitive information. For example, in efforts of providing seamless customer service, call center agents can be manipulated by social engineering, as fraudsters phish for information regarding health records, policy or account credentials, or other confidential histories. The data can then be used to make false claims and takeover accounts.
A significant level of scrutiny is placed upon the healthcare industry with regards to patient privacy. Due to the level of detail within patient records, fraudsters will leverage aggressive tactics for data mining. Healthcare providers may encounter attacks including data breach, chargebacks, or flex spending account takeovers. With these fraud attacks, health records could be leaked to the black market, putting patients’ information in jeopardy. However, compared to financial institutions and retailers, healthcare providers experience a disadvantage because they typically do not have call center security in place to deter fraud.
There are a variety of scams aimed at insurance companies by phone fraud rings, and victims may not notice for a long time, if ever. Account takeovers originate in the call center, and can go unnoticed for months or potentially years, due to customer account inactivity. Insurance agencies often encounter impersonation fraud, where fraudsters file false claims. The life insurance policies targeted by fraudsters typically have high cash values, which can then be liquidated or used as an investment vehicle.
Even though life and auto insurance provide high pay offs, device insurance is by far the most common. Some device companies offer payments to consumers whose mobile phones are lost or stolen, resulting in 1 in every 194 calls being fraudulent.
The Hidden Costs
Cybersecurity is continually being enhanced within most organizations, however, the phone channel remains the weakest link and criminals can often bypass inefficient security measures during their attacks. Fraud found within the healthcare and insurance industries come with different costs, the most obvious being the monetary loss, however, other hidden costs must be considered: identity theft, poor patient experience, fraudulent claims, cross-channel attacks, and brand reputation.